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ABSTRACT 



A system and method for the management of communica- 
tion services from a service provider by a customer of the 
provider. The management system employs an Internet- 
based architecture that provides access to user's virtual 
private networks via an end user browser. The customer 
service management (CSM) system service director (SD) 
maintains a relational database for storing user specific 
information retrieved from the network manager. 

12 Claims, 11 Drawing Sheets 



(' ENTER ) 
~* 



[PROMPTS FOB USER IO AND PASSWORD j 
USER ENTERS US£ A g) AND PASSWORD 



INDICATE USER D 




ACCCBS DENIED 



DtlPLAY REQUEST POR 
USSR TO IDS OUT TX 
OTHER CESSION 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent 



May 4, 2004 



Sheet 1 of 11 



US 6,732,181 B2 




SERVICE PROVIDER'S NETWORK 



CUSTOMER 
END-USER 
BROWSERS 




SERVICE PROVIDER 
CSM SERVERS 



FIG. 2 




CSM SERVICE 
DIRECTOR 




CSM 
AGENT 




NETWORK 
MANAGER 
SYSTEM 







06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet 2 of 11 US 6,732,181 B2 



1 1 




— m 






FIG. 3 



LEGEND 
C~^) PROCESS 
r I API 

MODULE 




06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet 3 of ll 



US 6,732,181 B2 



CLIENT 



BROWSER 



COOKIE 



J WWW \ 

/ I INTERNET / 



NETSCAPE 
SERVER 



LOGIN CGI 



1 - 

2 

3 



IP, ID. PW 
COOKIE (ID) 
IP. COOKIE(ID) 



FIG. 4 



SD 

APPLICATION 



( ENTER ) 



DASHBOARD FRAME 



USER LOGS OUT 

i 



CHANGE USER'S STATUS 
TO "ENABLED" 



~~T~ 

( RETURN ) 

FIG. 6 



DASHBOARD 
FRAME 



CONTENT FRAME 



FIG. 7 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet 4 of 11 US 6,732,181 B2 



C enter ) 



FIG. 5 



ENTER 

I 

PROMPTS FOR USER ID AND PASSWORD 



1 : 

USER ENTERS USE^ ID AND PASSWORD 



VERIFY USER ID AND PASSWORD 
AGAINST USER LIST 



( 



INDICATE USER ID 
IS INCORRECT 




r 




YES 



ACCESS USER'S STATUS 



RETURN 



> 



INDICATE USER ID 
IS DISABLED 



USER IS 
LOGGED 
IN 



CHANGE 
USER'S IP 
ADDRESS TO 
REQUEST IP'S 
ADDRESS 



CHANGE 
. USER'S 
STATUS TO 

-ACTIVE- 




STATUS MUST 
THEN BE "ACTIVE- 



ACCESS DENIED 




DISPLAY REQUEST FOR 
USER TO LOG OUT THE 
OTHER SESSION 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet 5 of ll US 6,732,181 



POINTS TO APPLICATION WINDOW 



HELP WINDOW 


OPENER 




HELP 






CONTENT 






FRAME 







SD APPLICATION WINDOW 



DASHBOARD 
FRAME 



CONTENT 
FRAME 



FIG. 8 



APPLICATION! 
APPLICATION 
APPLICATION 



CONTENT FRAME 



FIG. 11 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet 6 of 11 US 6,732,181 B2 



ENTER 

HZ 

DASHBOARD 



I 

CREATE A NEW HELP 
BROWSER WINDOW. UPDATE 
"OPENER" OF HELP WINDOW 
TO POINT TO USER'S SD 
APPLICATION WINDOW 

i 

GET HELP CONTEXT 
FROM SD APPLICATION 




FIG. 9 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent 



May 4, 2004 



Sheet 7 of 11 



US 6,732,181 B2 



z 
o 

o 
o 

_J 
I- 

UJ 

s 

< 



UJ 

g 



UJ 

u. 

X 
CD 
OH 



UJ 

UL 
\— 
X 

or 



UJ 

u. 

H 
X 
O 



UJ 

u. 
X 

52 



Q 

or 
o 
o 
z 
o 
o 

• • 

c 

X 



UJ 

8 

PCL 



CD 



UJ 



O. 



(D 

LL 



b LU 

of 

CL 
< 



g 

o 
z 
o 
o 



CO 



UJ 

o 



CO 



LL 

o 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet 8 of 11 



US 6,732,181 B2 



^ enter" ^ 



REQUEST TO DISPLAY 
A "DASHBOARD" PAGE 



IS 

JSER ASSIGNEE 
ANY THIRD PARTY 
\PPLICATIONJ 



YES 



FOR EACH THIRD PARTY 
APPLICATION THAT HAS 
STATUS = "ON", GENERATE 
HTML TAGS FOR THIRD 
PARTY APPLICATIONS 
ASSIGNED TO USER 



DISPLAY 
"DASHBOARD" PAGE 




GENERATE CGI FORM 
CONTAINING 
PREDEFINED TAGS 
AND VALUES 


< 









^ RETURN J 



FIG. 12 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet 9 of 11 US 6,732,181 B2 



DASHBOARD 
FRAME 



WELCOME 



CUSTOMER CARE SERVICE MANAGEMENT 

CURRENT CUSTOMER: CUSTOMER 15 
SELECT A CUSTOMER TO SWITCH TO 



CUSTOMER 15 



LAST LOGIN WAS: 01/22/98 10:14:29 
HELP DESK PHONE NUMBER: 421-2643 
N/A 



NOTE PAD: 



N/A 



SAVE NOTE PAD 



FIG. 13 



DASHBOARD 
FRAME 



WELCOME 



CUSTOMER SERVICE MANAGEMENT FOR 

CUSTOMER 15 
LAST LOGIN WAS: 01/22/98 11:49:19 
HELP DESK PHONE NUMBER: 421-2643 
N/A 



NOTE PAD: 



SAVE NOTE PAD 



YOUR SERVICE PROVIOERTELECOM SERVICE PROVIDER 



FIG. 14 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet 10 of 11 US 6,732,181 B2 



^ ENTER J 



REQUEST TO DISPLAY 
A "WELCOME" PAGE 




YES 
I 



GENERATE HTML TAGS 

FOR SWITCH 
CUSTOMER ACCOUNT 



DISPLAY 
"WELCOME* PAGE 



DISPLAY 
"WELCOME" PAGE WITH 
SWITCH CUSTOMER 
ACCOUNT HTML TAGS 




FIG. 15 



06/07/2004, EAST Version: 1.4.1 



U.S. Patent May 4, 2004 Sheet ll of ll US 6,732,181 B2 




06/07/2004, EAST Version: 1.4.1 



us 6,7: 

1 

INTERNET-ENABLED SERVICE 
MANAGEMENT AND AUTHORIZATION 
SYSTEM AND METHOD 

This is a continuation application of application Ser. No. 
09/069,566, filed Apr. 29, 1998, now U.S. Pat. No, 6,434, 
619, 

FIELD OF THE INVENTION 

This invention relates to service management of digital 
communications networks and, in particular, to the manage- 
ment of communications services from a service provider by 
a customer of the provider. 

BACKGROUND OF THE INVENTION 

A network management system (NMS) provides opera- 
tors with a full range of configuration capabilities on multi- 
technology communications networks, as represented in 
FIG. 1. The NMS may be used to configure the network, 
manage links and paths, monitor network operations and 
resolve problems from a central location. For example, 
traffic and service parameters on Frame Relay, ATM, X,25, 
SONET/SDH and ISDN links and paths can be configured 
at the NMS, typically through a point-and-click graphical 
user interface (GUI). End-to-end connections through the 
network can be established by simply clicking on endpoints 
depicted on the GUI. Network reliability is ensured through 
automatic rerouting and restoration functions of the NMS. 

Conventional NMSs, such as the MainStreetXpress 
(trademark) 46020 from Newbridge Networks Corporation, 
include functionality to partition communications network 
resources whereby a service provider can resell bandwidth 
and services to customers, and effectively manage the 
resources, customers and operations personnel. A network 
can be partitioned, for example, to divide it by region or 
department, or to provide Virtual Private Networks (VPNs) 
for multiple customers. Two of the types of VPNs are a 
virtual backbone network (VBN) or a virtual service net- 
work (VSN). For sophisticated partitioning applications, it is 
possible to subdivide a customer's VBN into multiple VSNs. 

A VBN partition is a physical partition of network 
resources. This form of a partition contains bandwidth 
dedicated to that partition only, and is characterized on the 
NMS by a physical view of the network equipment and 
bandwidth. The resources in a single VBN may be shared, 
permitting customers to interact with the network as if it 
were their own private backbone network. 

VSN partitioning provides a more service oriented view 
of the network, characterized on the NMS by the subscribed 
services and the access points in and out of the network for 
a particular customer. This form of a partition contains 
pathend equipment only. Bandwidth is drawn from the 
'parent' partition which may be a VBN or the 'supply' 
network (i.e., the service provider's physical network). 

From large corporate customers supporting mission- 
critical business applications, to small business clients sell- 
ing products worldwide, service provider subscribers are 
demanding increased visibility and control of their sub- 
scribed communications services. Whether they are looking 
for end-to-end visibility across the corporate-wide network, 
or service performance information, customers want to 
ensure their network is cost-effective and responsive to 
rapidly changing needs. For service providers, meeting this 
requirement creates an opportunity for service differentia- 
tion and competitive advantage. 

The demand for customer service management (CSM) 
features is being driven in large part by the growth in 
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outsourcing of bandwidth by enterprise managers, value- 
added communications resellers, and other telecommunica- 
tions subscribers. Most service providers are looking for 
customer network management (CNM) solutions to meet 
s these needs — solutions that typically extend network status 
and performance information to subscribers. 

SUMMARY OF THE INVENTION 

The CSM Service Director (SD), embodied by the present 
invention, makes it possible for service providers to offer 
their customers the ability to monitor and manage their 
outsourced network resources in much the same way as they 
manage their in-house resources, giving them control of 
their VPNs. 

15 

The information provided by the CSM SD reflects the 
view the service provider wants to extend to its customer. In 
most cases, this will mean that customers are given the 
ability to view their network endpoints and the status of the 

20 associated connections. Details of the network, in terms of 
network equipment and the routing of the connections, are 
transparent to the customer. Instead the customer sees access 
points and connections between these access points. 
The SD introduces a Web-based presentation environment 

25 and a number of valuable CSM applications that can be 
accessed via the Web medium. The CSM Service Director 
brings the flexibility and manageability of Web browser and 
Internet/Intranet technologies to the CSM services offered 
by traditional NMSs. It works with the industry standard 

30 Web browsers, Netscape Navigator and Microsoft Internet 
Explorer. The CSM Service Director extends the CSM 
market beyond large corporate customers to include medium 
and small business subscribers. 

35 BRIEF DESCRIPTION OF THE DRAWINGS 

The invention will now be described in greater detail with 
reference to the attached drawings wherein: 

FIG. 1 is a high level diagram of a system for providing 
4Q CSM services via a multi-technology network; 

FIG. 2 illustrates the CSM services system according to 
the present invention; 

FIG. 3 is a diagram showing the make up of the HTML- 
CGI based software architecture; 
45 FIG. 4 depicts information flow between client and server 
in the multiple login process; 

FIG. 5 is a flow diagram illustrating the multiple login 
process of FIG. 4; 
5Q FIG. 6 is a flow diagram showing a log out process; 

FIG. 7 illustrates a dashboard frame in a CSM Service 
Director application; 

FIG. 8 shows a representation of an online context sen- 
sitive help frame; 
5S FIG. 9 is a flow diagram of an online context sensitive 
help process; 

FIG. 10 illustrates a third party application configuration 
screen; 

6Q FIG. 11 represents third party application dual screen on 
an end-user's browser window; 

FIG. 12 is a flow diagram for a configurable third party 
Internet application integration; 

FIG. 13 illustrates an internal user's welcome context 
65 frame; 

FIG. 14 illustrates an external user's welcome context 
frame; 
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FIG. 15 is a flow diagram for context switching to a statistical intervals. Hourly accumulations begin and end on 

customer's account; and the hour (e.g., 3:00 to 4:00). The daily accumulations begin 

FIG. 16 is a flow diagram for the backup procedure in a end at midnight. The monthly accumulations begin at 

shared memory application. midnight of the first day of the month and end at midnight 

5 of the last day of the month. The current hourly, daily and 

DETAILED DESCRIPTION OF THE monthly accumulations are updated as each sample is 

INVENTION received making these totals as up to date as possible. The 

. . r,.^ . 4 - 4 . . . „. historical statistics are available until the data is purged. 

As shown in FIG. 1 the system of the present invention r . ™ , 

relates to a network whereby a service provider offers a Although the preferred embodiment of the CSM system 

customer a variety of resources and services via a virtual 10 mcor P ora ^ t ^ exch f n 8 e of L net ^ ? ata Wlth ™ S 

private network (VPN). A network management system usm 6 an SNMP intcrfacc to th ° C u SM L A f " l aCTVcr ? h ° s * 

allows an operator to configure the network in accordance data repository is in turn accessed by the SD server, the SD 

with specific requirements. scrver could su PP ort a dircct intcrfacc t0 ^ NMS and 

. . . , , . _ , A * . - multi-vendor network management products to support 

HG.2isahLg^ 1S multi . vendor ^ management, 

invention. The NMS is used to configure the network as . . . „ n ™, 

. • r™ ^ nir(nmpr , nQ „ pm(lnt /nr»A The CSM Service Director client interface is a WWW 

shown in FIG. 1. The customer service management (LoM) , L1 _ m-wr ~> n T o • ^ 

• j i • a s-j^ , p CU V t T ' browser capable of supporting HTML 3.0, Java Script 1.1 

system includes a service director (SD) and a CSM agent. I o , T v /f \ T . A „ rt „ w . ri 

the following discussion the term CSM Agent is meant to and Ja ^- 0 : 2 ^ N ^f f r 3 °* ° r 1 Ml 'T 
include a Newbridge Networks product known as CSM 20 Inle ™ c ^P lorer HTIT is stateless protoco and thus 
Agents. Hk CSM Agent server stares SNMP Community 2 ° each CSM , Service Director screen needs to contain suffi- 
cing (which is equivalent to a CSM Service Director cient user data, via hidden field values, to display subsequent 
Customer or a Newbridge 46020 VSN), network configu- screens - 

ration and network statistical information in a data reposi- A re 1 uest from 1136 browser is sent to the CSM 

tory which is implemented using a typical relational „ Semce Director back end server v ia the Web Server. The 

database, such as an Informix database, on the CSM Agent. ^ M Service Dir ^ tor back cnd serv f r Presses the web 

The information maintained therein is received from the clie nt's request and returns a composed page to the client via 

NMS which communicates with the CSM Agent, for the Web serven 

example, through the well-known Simple Network Manage- Each HTML page contains HTML, Java Script, and Java 
ment Protocol (SNMP). The NMS may be any commercially 30 Applets. HTML is used to compose Web pages. Java Script 
available product that supports SNMP and virtual network is used for local client side processing (e.g. button actions, 
partitioning for respective customers, an example of which ^ate time stamps, setting cookies.) Java Applets are used 
being the MainStreetXpress 46020 Network Manager by to provide more demanding Web interactions (e.g. display- 
Newbridge Networks Corporation. m 8 ma P s )- 

The CSM Service Director (SD) server accesses the 3 S ^ structure of the SD server characterizes an 
database maintained by the CSM Agent using structured HTML^common gateway interface (CGI) based architecture 
query language (SQL) which is the standard method of which consists of both server application processing and 
accessing relational databases. End-users employing client UI screen page generation. FIG. 3 shows the HTML- 
browser clients interact with the CSM Service Director (SD) CGI based software architecture of the SD. As previously 
server via world wide web (WWW) based communications, 4 q described, the CSM Agent is an external process that main- 
whereby the SD server receives service management queries tains the database of customer service information which is 
from the clients, retrieves corresponding customer service retrieved by the SD via an SQL interface, 
information from the CSM Agent's database and generates The CSM Service Director constitutes a software appli- 
an appropriate graphical based response which is returned to cation that is executed on a conventional server platform 
the clients for display by their browsers. 45 known as a hypertext transfer protocol deamon (HTTPD) 

Within the data repository, the customer information that runs on a UNIX based data processing unit. The HTTPD 

identifies each customer subscribing to the CSM service and facilitates communications over the WWW between clients 

for each customer, there is associated network configuration »«* the server, and an example of the HTTPD is the 

and network statistical information. The network configu- Netscape Enterprise Server. The CSM Service Director 

ration information includes configuration parameters for 50 apphcation consists of four major modules: Client UI, 

access ports and virtual circuits, for example, as described in Service Management, Process Management, and Event Lx>g- 

the Frame Relay Service Management Information Base S in S- modulcs in general comprise autonomous pro- 

(MIB) (IETF Network Working Group, "Definitions of cesses and/or appUcation program interfaces (APIs) which 

Managed Objects for Frame Relay Service", RFC1604) and defincd callabIe routincs to derivc «*«n information, 

the ATM MIB (IETF Network Working Group, "Definitions 55 The Client UI module provides functionality for manag- 

of Managed Objects for ATM Management", RFC1695). m the requests from web clients. Each action taken by a 

The network statistical information includes the appropriate service end-user triggers a lightweight CGI process that 

information to process statistics requests for the supported retrieves/filters/sorts data through a Web API from the 

MIBs. The CSM Agent receives customer information and Service Management module, which data is stored m a RAM 

configuration changes from the NMS as needed. These 60 workspace labeled as Perf Data in FIG. 3. A corresponding 

changes are processed by the CSM Agent as they are HTML page is then generated as the response, 

received. The CSM Agent receives statistical samples from As shown in FIG. 3 the client UI module includes a CGI 

the NMS on a periodic basis, for example, in 15 minute parser, a WEB services API and a WEB page formatting 

intervals. The 15 minute intervals are saved for a 24 hour API. 

period (i.e., 96 intervals are saved) and a roiling total of 65 The CGI parser provides a lightweight CGI program to 

these last 96 intervals is maintained. In addition, the reposi- parse incoming parameters and invoke the corresponding 

tory stores hourly, daily and monthly accumulations of the WEB Services API. It consists of a set of CGI programs 
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wherein each corresponds to a user request action. Each user 
request from either a service user or the system administra- 
tor invokes a CGI program on the Web server. Each CGI 
program does the following: 

parses the web CGI parameters; 

invokes a WEB Services API routine using the parsed CGI 

parameters as arguments; and 
returns the result to the Web browser. 

Each CGI program returns the next HTML screen page of 
the user request. 

The WEB Services API provides a user request level 
interface to Service Management APIs. It consists of a set of 
APIs between the CGI program and UNI/PVC APIs and 
System Management APIs. Each WEB Services API corre- 
sponds to a CGI program. Each API is defined as a dynami- 
cally linked library, such that multiple CGI programs can 
share a single copy of that API. Each WEB services API 
does the following: 
validates user id with IP address; 
validates user capabilities; 

invokes some of the APIs in the Service Management 
module; 

if returned object is a collection then filters/sorts the collec- 
tion; 

invokes a WEB Page Formatting API to compose a HTML 

screen page for the returned object as necessary; and 
returns the composed HTML screen page. 

The WEB Page Formatting API provide a common page 
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for each PVC, read of any specified OID; and 
for each PVC, write of alias; 

The PVC API uses the CSM Agent database for PVC data. 
SQL queries are used to get data. 
The UNI API provides a service level interface to access 
OIDs associated with UNIs. The UNI API is an API between 
client UI and CSM Agent Informix database for configura- 
tion and status data of UNIs. Performance statistics data are 
also taken directly from the CSM Agent database via SQL 
queries. The API is defined as a dynamically linked library, 
such that multiple CGI programs can share a single copy of 
this API. Methods include: 
for each UNI, read of any specified OID; and 
for each UNI, write of alias 

It uses CSM Agent database for UNI data. SQL queries are 
used to get data. 

The PVCList API provides a service level interface to 
access managed object indices associated with PVCs for a 
specified community. PVCList should also provide APIs for 
retrieving information of PVCs related to specified UNIs. It 
comprises an API between client UI and CSM Agent Infor- 
mix database for retrieving specified information on a speci- 
fied UNI. The API is defined as a dynamically linked library, 
such that multiple CGI programs can share a single copy of 
this API. It Uses the CSM Agent database for PVC data. 
25 SQL queries are used to get data. 

The UNIList API provides a service level interface to 
access managed object indices associated with UNIs for a 
specified community. The UNIList API is between client UI 
and CSM Agent Informix database for retrieving specified 



20 



formatting interface to WEB Services APIs. This API is a set 30 information on a specified community. The API is defined as 



of class methods that WEB Services APIs invoke to build 
HTML pages. Each WEB Page Formatting API builds a 
generic HTML page or a portion of a HTML page. 

Each class method composes a HTML screen page for a 
given object or a collection of objects. Each class method 35 
returns the composed HTML screen page. 

The Service Management module consists of two parts: 
one having functions for service end-users, and the other is 
for service provider administrators (or service provider 
end -users). Service end -user actions are served by a UNI, 
PVC, UNI List, PVC List, End Point, and Performance 
Collection API that encapsulates the representation details of 
these services. Service provider administrator actions are 
served by a system information user, and customer API that 
retrieves and updates customer and user account data, ser- 
vice provider information, as well as license information. 
The system information cache constitutes shared memory in 
RAM, in which the customer and user profile data together 
with the system data are stored. 

As shown in FIG. 3 the Service Management Module 
includes a number of APIs and a cache memory. The 
Performance Collection API provides disk file storage for 
user requested performance data. 

The performance data can be stored on disk files in an 
ASCII format readable by an application such as Microsoft 
Excel. As a Performance Report screen is being generated, 
the data set is saved to a temporary file. A user request to 
"Export Raw Data" causes this temporary file to be renamed 
to a specific file name. 

The PVC API provides a service level interface to access 
object identification (OIDs) associated with PVCs. It is an 
API between client UI and CSM Agent Informix database 
for configuration and status data of PVCs. Performance 
statistics data are also taken directly from the CSM Agent 
database via SQL queries. The API is defined as a dynami- 
cally linked library, such that multiple CGI programs can 
share a single copy of this API. Methods include: 



a dynamically linked library, such that multiple CGI pro- 
grams can share a single copy of this API. It uses the CSM 
Agent database for UNI data. SQL queries are used to get 
data. 

The End Point API provides a service level interface to 
access End Point managed objects. It consists of an API 
between client UI and CSM Agent Informix database for 
retrieving specified information on specified End Point. The 
API is defined as a dynamically linked library, such that 
40 multiple CGI programs can share a single copy of this API. 
It uses the CSM Agent database for End Point related data. 
SQL queries are used to get data. 

The System API provides a service level interface to 
access all system management information, related service 
45 provider information, start/stop system, report status of the 
system, and license information. 

The System API is between client UI and System related 
information. Each API is defined as a dynamically linked 
library, such that multiple CGI programs can share a single 
50 copy of that API. 

UNIX scripts are used to start, maintain, stop and report 
status of the process management daemon. API between 
client UI and system license information includes the fol- 
lowing methods: 
55 convert to system license information from application key; 
upgrade system license based on the new application key; 
and 

report current license information and license utilization 
data. 

60 It uses shared memory segments to cache data. Each 
update to the memory is written back to the disk files. 
Rogue Wave tools,h++ is used to support data persistency for 
non-shareable data. 

User account API uses license information to limit the 
65 number of users supported by the system. 

CGI programs use service provider information to gen- 
erate customized page. 
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The System Information Cache provides an internal inter- 
face that is used by the components from the Service 
Management block, for communicating with shared 
memory. It comprises an API used for communication with 
the shared memory segments. Its methods include: 5 
attachment of the shared memory; and 
detachment of the shared memory. 

Any interaction with shared memory needs to go over this 
interface. 

The Customer API provides a service level interface to 
access customer and service provider data. It is an API 
between client UI and customer information and provides 
the following: 
a list of customers; 

for each customer, read and write of any specified field; 
create new customer; and 15 
delete an existing customer. 

A usage counter is maintained for each customer both in 
cache and on disk files. The counter increments each time a 
user of that customer logs in. Any write operation to the 
memory system information also writes to corresponding 20 
customer and service provider data disk files. 

The User API provides a service level interface to access 
user account data. It is an API between client UI and user 
account information and provides: 

a list of user accounts; 25 
for each user account, read and write of any specified field; 
create new user account; and 
delete an existing user account. 

Internal data per user account includes: 
last login date and time; 30 
service user phone number; 
service user note pad; 
service user confirmation enabled; 
number of consecutive service user login failures; 
UNI filter criteria; 35 
UNI sort field; 
UNI sort ordering; 
PVC filter criteria; 
PVC sort field; and 

PVC sort ordering. 40 

Any write operation to memory system information also 
writes to a corresponding user account files. It uses customer 
and service provider data API to get a list of available 
customers. Netscape Enterprise server is used to store user 
account and password, and to enable/disable user accounts. 45 

Memory System Information provides an in-memory 
cache for system information files. It consists of C++ data 
structures residing in shared memory, used to store system 
information read from disk files. Data cached are: 
system mode; 50 
CSM Agent status; and 
system information. 

RogueWave too!s.h++ is used for the following data: 
customer data; 

service provider information; and 55 
user account data. 

APIs are used to access the above information. 

The Database Utility API provides tools for accessing 
Informix database. Database Utility API will also provide 
functions for opening and closing database. A Database 60 
Utility API will be used by the other API modules for 
accessing Informix database. 

The Process Management module is responsible for pro- 
cess running and monitoring. It starts the respective pro- 
cesses and ensures each is still running; processes are 65 
restarted if necessary. Also, Process Management kills other 
processes for a graceful shutdown. 



As shown in FIG. 3 the Process Management Module 
Includes a SD_Daemon which provides process startup, 
creation of shared memory segments, and control of the 
running processes. It makes use of CSM Agent code for 
management of processes. Its functionality includes: 
running processes; 

checking if the processes are running; and 
creation of the shared memory segment. 

The Event Logging module is used by client UI, service 
management and process management modules to report 
any software log or user event. Events are first logged to a 
shared memory segment. ELS collector then copies the 
event logs to disk files. A user event daemon is used to 
further filter and convert user events from the disk files into 
readable ASCII user event files. 

The Event Logging Module shown in FIG. 3 includes an 
ELS API, an ELS Collector, an ELS Log, a User Event 
Daemon, and User Events. 

The ELS API provides a common logging service that is 
used by client UI, service management and process man- 
agement to log user events and software problems. This API 
is taken directly from the Network Managers (46020, for 
example) SW_Error and ELS APIs. New event descriptors 
are introduced for each required source code file. Each new 
source code file is required to declare and use its own event 
descriptors to uniquely identify potential software problems 
within that file. Data are logged to shared memory by 
applications. Event descriptor parsing needs to be called in 
each build. 

The ELS Collector collects logs from various applica- 
tions. A C process is built based on 46020's ELS collector. 
Data are read from shared memory and then logged to hard 
disks. 

The ELS Logs provide persistent logs which are kept in 
a format identical to 46020's ELS and can be examined via 
46020's logtool. 

The User Event Daemon generates user events based on 
the logic in 46020 ELS "log" process to generate user 
events. It also manages the available disk files for user 
events. The daemon retrieves and filters out user event 
associated logs from the disk log files generated by ELS 
collector, and dumps the user events to a list of user event 
files in the format defined by the user event descriptors. 

User Events provide persistent user events which are kept 
for further processing, like billing and can be examined via 
any text editor. 

To make CGI processes lightweight, a dynamic linking 
library whereby executable routines are loaded into memory 
is used, and shared memory is used for inter-process com- 
munications. User, customer, service provider, and system 
information are stored in a shared memory segment, spe- 
cifically the System Information Cache, accessible from the 
dynamically linked libraries. Each CGI process handles the 
request on its own, with the assistance of dynamically linked 
libraries, to access the shared memory. The shared memory 
is described in greater detail later. 

Moreover, any persistent data that is Service Director 
specific and is not available in the CSM Agents Informix 
database are stored in the shared memory. 

The information related to the customer, user, service 
provider, and system in general will also be backed up on the 
hard drive. The cron job will trigger the backup process 
periodically. The default interval is 15 minutes. 

Netscape Enterprise server 2.0 spawns a CGI process for 
each user action taken by a Web user. This CGI process then 
executes the corresponding CGI program. Binary 
executables are bundled together with Netscape Enterprise 
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server for managing user accounts and passwords. Pass- System API, an error notification screen is constructed to 

words are not maintained in standard UNIX file/etc/passwd. notify the user of the specific reason. If login failure is 

Essentially, every navigation action taken by the user will reported by the Login CGI process, an error notification 

trigger a CGI process that determines the next page to screen is constructed with a specific reason, i.e., non-existent 

present. For each CGI process, user access is validated S account, invalid password. 

quietly in the background. There isn't really a user session Each login attempt is logged as a user event, regardless of 

for each login to Service Director. whether the attempt succeeds or not. 

Netscape server plug-in API is a set of ANSI C functions Details respecting the log in mechanism follows, 

that enables users in tailoring Netscape Enterprise servers The Inactive User Auto Logout automatically logs out an 

behavior. Server's plug-in functions may be created or 10 inactive user, regardless of whether it is an internal/external 

altered by this API. For example, functions can be created service user, or an administrator. 

for access control of the Service Director. The auto logout cron job is used to automatically log out 

User access authorization is achieved via user account ID inactive users. Once an active user is logged out, any further 

and IP address. User Ids and IP address are transferred action taken by the user leads to an error notification screen, 

within HTTP protocol request and response header for each 15 The user is required to log in again. The cron job is started 

request and response. Both user Ids and IP address are used every 10 minutes to clean up inactive users. The cron job 

for subsequent access authorization of CGI programs. calls the System Management API for inactive auto logout 

There is a web-based file transfer function embedded in period. For each active user, it calculates whether the 

Service Director. It can be triggered by pressing the corre- inactive period is greater than or equal to the system 

sponding button on the navigation frame. Directories are 20 parameter. If so, that user is automatically logged out, 

created for each customer. Users within each customer share System Management API is then used to delete the active 

the same directory. user, and a user event is generated. 

All user accounts of a particular customer share a com- The side effect of the approach is that an inactive user may 

mon directory. Upon creation of a customer account, a be logged out 10 minutes later than what the system param- 

directory for the customer is created with the correct read/ 25 eter specifies, due to the cron job scheduling period, 

write permission. User Ids and IP address are used for Service User Actions include Get and Set Operation; 

directory access authorization. An individual user can access Sorting and Filtering; Export Performance Report Data; and 

only his assigned customer directory. The user cannot dis- Server Start, Stop and Status. 

cover the existence of other customers. The Get and Set Operation gets data for related managed 

An internal user is created by configuring the user as 30 object, and sets data directly to the CSM Agent. Upon user 

"internal" from the user account management page. An login, data associated with the customer are polled by the 

internal user account type has the same look and feel as a system on request. 

regular customer user except for a slightly modified wel- Get Data: UNI/PVC API or System Mgmt API CSM 

come page. There is a drop box selection menu that allows Agent database for the item. In normal operation, data are 

the user to switch to another customer portfolio and act as a 35 returned. If the response is expired, a response HTML page 

user from that customer. By switching it is meant that no is constructed to notify the user to wait. If the response is 

login procedure is needed. This internal user (or super user) undefined, UNI/PVC API informs the user that information 

is intended for the service provider only. is not available. In any case, Web API is used to form the 

Direct Informix queries to the CSM Agent database are new HTML page. The number of gets performed for the user 

chosen as the mechanism for retrieving configuration and 40 action is logged to User Events by UNI/PVC API. 

historic performance statistics data because one SQL query Set Data: UNI/PVC API calls CSM Agent database to set. 

can retrieve multiple intervals of statistics or configuration The response is used by Web API to form a new HTML 

data for multiple network objects. Other vital, invisible data page. The number of sets performed for the user action is 

items, such as time stamps of statistics intervals, can be logged to User Events by UNI/PVC API. 

retrieved and used for performance reporting. 45 The Sorting and Filtering operation handles sort and filter 

This approach does not cache any configuration and configurations and performs sorting and filtering of data, 

historic performance statistics data. Each configuration and/ Sorting/filtering fields and ordering are maintained inter- 

or performance report triggers database queries to the CSM nally per user by the system. Upon reconfiguration or user 

Agent database. action, the system's internal shared memory is accessed and 

In the Service Director Server/Application there are a 50 updated for the sorting and filtering criteria as follows: 

number of high level interactions between software modules Sorting: This action will be done on the user side in the Java 

in response to common, representative external and internal applet. 

events. The following gives an overview of the functional Filtering: Upon click of filtering field, a CGI program is 

division of the Service Director. started to retrieve the current filtering criteria CSM Agent 

With the User Login a user logs in as either an internal/ 55 database via User API and format them via Web API. 

external service user, or an administrator (i.e., admin Upon applying filter preference, a filter preference CGI 

account). Login may succeed or fail. Failure reasons are program is started to save the filtering criteria to 

invalid password, disabled account, non-existent account, In-memory System Info via User API. The CGI then 

multiple logins, server status locked, or unavailable service. retrieves all the data, again via UNI/PVC API and 

Upon user login, a login CGI program is fired up. The 60 re-sorts/re-filters the results and forms the first page UNI 

Login QGI uses the system shared memory's simple user or PVC list via Web API. 

database for user access authorization. If login is successful, The Export Performance Report Data operation saves 

the CGI program calls Web API, which again calls System current viewed Performance Report data to a disk file. Data 

API, to construct the users welcome screen. System then set of the current display graph is exported to a file on a 

changes the status of the user account to active. 65 pre-defined user-specific directory on the Web server. As a 

If the system service is not available, or the user account Performance Report screen is being generated, the data set 

is disabled, or the user is already logged in, as reported by is saved to a temporary file (e.g. perfl.tmp), and the tem- 
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porary file name is a hidden field in a generated HTML page. writes them to Logs. The daemon process User Event 
A user request to "Export Raw Data" causes this temporary Daemon consistently receives updates to the Logs, filters out 
file name to be passed back to the Web server and renamed user events and writes to User Events disk file, 
to a specific file name (e.g. perfl.rpt) in the predefined As previously discussed the present invention relates to an 
user-specific directory. The current date and time are used to 5 Internet-enabled service management system and method 
make the file name unique. The name given to the permanent that enables the customers of a service provider with web- 
file may be specified by the user. The data can be accessed based access to manage the services they receive from a 
via a file transfer protocol from the user-specific directory. service provider. The management capabilities of the system 
All hanging temporary files are deleted upon "User Logout" include the ability to perform performance and configuration 
or "Inactive User Auto Logout". io management on network services provided by the service 

The Export Raw Data function allows a user, while provider, 
viewing performance reporting screens, the capability of One of these SD applications performs user validation and 

saving data points of the performance graph to the user's prevents multiple logon of identical user Ids through the 

Web directory as provided by the Service Provider. The data Internet. According to this aspect a user's session is timed 

points may be saved using Excel. The system allows a user 15 out after a period of inactivity between the user's browser 

to retrieve files, generated via the Export Raw Data function and the server application. 

from the user's Web directory to the user's local personal In the past, a user logs on to an Internet application by 

computer or workstation. This allows the user to view and providing a User Id and User Password. The user remains 

manipulate his local copy of the data set using an application logged on to the system until either the user logs out of the 

such as Excel. 20 application or the user's session is timed out by the server 

Server Start, Stop and Status are basic system mainte- application. Due to the statelessness of the HTTP protocol, 

nance functions. Start, Stop puts the system into mainte- this mechanism does not allow multiple logon of identical 

nance mode, monitors and reports server daemon process user Ids. It presents a problem if the user's Internet browser 

status. Upon click of Server Mgmt from dashboard, a server crashes and the user wishes to re-logon to the system; the 

mgmt CGI is started, which accesses System API to examine 25 user would have to wait until his previous session is timed 

the current system mode and server process status, and out by the server application before he can re -logon to the 

forms an HTML page via Web API. Upon click of Start application. This logon mechanism also disallows a user 

Server, Stop Server or Maintain Server, a corresponding from switching to another workstation to logon to the 

CGI program is started to handle the basic system mainte- application whilst having a current active session on another 

nance function. Each CGI is simply a UNIX script. 30 workstation; the user either needs to log out from the 

The process for each of the maintenance functions fol- application from his original workstation or wait until his 

l ows: current session is timed out by the server application before 

1. Start Server: Start up any server daemon process that is he can logon from another workstation. To solve this 
not already up. Set system mode to up. Typical system problem, a new logon system is created. This new logon 
startup sequence is as follows: 35 authentication system prevents multiple logon of the same 

a. Start Netscape Enterprise server 2.0 daemon; logon Id and the ability to accommodate subsequent logon 

b. Load all system management information into System w ^en a user's Web browser has crashed or the user is 
r f o^ul ,u,„j operating from another workstation. 

Info Cache shared memory, The SD application logon authentication aspect prevents 

c. Create shared memory segment for ELS collector and 4o fe ^ of .^J^ logQn w ^ me abilhy (0 

start ELS collector process; accommodate subsequent logon when a user's Web browser 

d. Start User Event Daemon process; has cras h e d with the ability to logon from another worksta- 

e. Schedule auto logout cron job and server status monitor ^on whilst having a current active session on another 
cron job; workstation. 

f. Load all dynamically linked libraries, i.e., UNI API, 45 In accordance with this aspect the application maintains a 
System API, Web API; and list of users. For each user the application stores a user Id, 

g. Set system mode to up. a user password, status, and an IP address. When a user 

2. Stop Server: Gracefully stop and then forcefully kill all requests access to the SD application, the application 
server daemon processes. Shared memory segments are requires the user to enter a user Id and a user password. The 
not removed. Set system mode to down. 50 application validates the information provided against the 

3. Maintain Server: Set system mode to maintenance. Auto- list of users stored in the application. If the user name and 
matically log out all active service users by using System password matches, the application checks the user's status in 
API to delete active users. the application. If the user's status is "enabled" then the user 
The User Event Logging function logs a service user's get is logged onto the system and the user's status is changed to 

operations per user action. 55 "active". The IP address of the user's workstation is 

The number of get operations on the service management retrieved through the environment variable "REMOTE_ 

level is recorded peruser action. A get operation presents the ADDR" by the server application. This IP address is saved 

equivalent of a user action. Service user's set operations are in the user's IP address field. If the user's status is "disabled" 
logged similarly. The UNI inventory list action from dash- then the user is rejected. If the user's status is "active", then 
board is used to illustrate the user interaction. 60 the application determines if the IP address of the current 
Upon click of UNI Services from dashboard, a UNI request matches with the stored user's IP address. If the IP 
service CGI program is started up, which accesses UNIList addresses match, the user is logged on to the application. 
API to retrieve a list of UNIs for the service user. All However, if the IP addresses do match (i.e. multiple logon of 
corresponding fields are retrieved per UNI using UNI API. a user with the same user Id has been detected), a log out 
Web API then generates the response to the user action and 65 form will be displayed to inform the incoming user that a 
also uses ELS API to log made action. ELS Collector user with the same user Id is already in the system. The 
process periodically polls the ELS shared memory log and application will prompt the user to log off the other session. 
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To enforce the user logon, functions defined using 
Netscape Server API are to be created. Since Netscape 
Server will respond to every incoming request from clients, 
functions can be used to authenticate users before the server 
starts to service the request. s 

Four functions are defined using Netscape Server API. 
The first function services the logon process. It checks the 
user Id and password against the list stored in the applica- 
tion. It sends out a JavaScript cookie to the client after the 
user Id and password are validated. The second function 10 
services the log out process. 

The third function services the log out form. For example, 
when a user tries to log into the system with a user Id which 
belongs to someone who has already logged onto the system 
(i.e. multiple logon has been detected), a log out form will is 
be displayed to inform the incoming user that a user with the 
same user Id is already in the system, and prompt him to log 
off the other session. 

The fourth function will verify the JavaScript cookie to 
see if the server will go on to service the request at all. 20 

FIG. 4 illustrates the flow of information between the 
client and server. The client sends a TCP/IP message con- 
taining user Id and password to the server. The IP address of 
the client is included in the TCP/IP message. If the client is 
authorized the server returns a welcome page together with 25 
a JavaScript cookie, which contains the user Id, to the client. 
The client browser matches the URL destination (domain) 
address to that of the cookie. It then sends the cookie 
together with the query to the server. 

The JavaScript cookie expires at the end of the session i.e. 30 
logout or browser terminated. 

FIG. 5 is a flow diagram illustrating the multiple logon 
mechanism. FIG. 6 is a flow diagram illustrating the logout 
process. 

Although the foregoing description is based on the CSM 35 
SD application it is to be understood that the basic func- 
tionality which prevents multiple logon is not limited to this 
system and can be implemented in other client-server appli- 
cations. 

Another aspect of the present invention relates to online 40 
context sensitive help wherein the SD application provides 
a user friendly explanation of the current content in its 
content frame window. 

In the past, a user using an Internet based application 
would invoke context sensitive help information by clicking 45 
on a link on the content page. Due to the nature of Web 
browsers, the browser display area is usually smaller than 
the display HTML page; thus a user would need to scroll the 
entire frame to view all of the page context, It creates a 
problem that a user might have to scroll the page to find the 50 
context sensitive help link for invoking the help feature. 
Furthermore, if the help link was not implemented on the 
display page, a user would be unable to get any help 
information. 

This aspect of the present invention solves the aforemen- 55 
tioned problem by creating a new context sensitive help 
mechanism. This new mechanism provides a consistent 
context sensitive help button on the "dashboard" frame as 
shown in FIG. 7. A user is able to click on the Help button 
on the dashboard and be presented with information relating 60 
to the current right frame screen. The Help information is 
presented as a new web browser. The help screen is updated 
as the user navigates to different screens and selects the help 
button. 

The navigation frame (i.e. the left frame) of the help 65 
window allows a user to navigate through the help docu- 
ments. The content frame (i.e. the right frame) of the help 



window contains the selected help content. The navigation 
frame contains a CSM SD application like dashboard and 
additional help topics. A click on the dashboard or on a help 
topic, or through context sensitive help from the application 
updates the content frame with the corresponding help text. 

The SD application's context sensitive help invention 
provides the user with a consistent place to invoked context 
sensitive help. Context sensitive help is invoked from a link 
in the "dashboard" frame window. This mechanism allows 
the creation of a help window from the application screen 
with or without special HTML tag encoding in the content 
frame's HTML page. The content sensitive help frame can 
also be invoked as a stand-alone application. If the context 
sensitive help window is invoked from the SD application 
with special HTML tag encoding in its context HTML page, 
context sensitive information will be presented, otherwise, a 
default help information page will be presented. 

The application, in addition to generating HTML contents 
for presentation, generates the following HTML tags: 
In each Content Frame page: 

<Form Name="helpForm"> 

<Input Type="hidden" Name="screenID" value="(a 

screen identifier)"> 
</Form> 

The Dashboard frame contains JavaScript code to create a 
new browser Help Window. 

The Help Window frame requests more HTML help 
contents from the SD application server. The resulting 
request contains JavaScript code to look into it's opener (i.e. 
parent) window to check if it has a Content Frame with a 
"screen Id" tag. This "screen Id" tag is mapped to a 
corresponding help URL by the Help Window for displaying 
help information in the-Help Content Frame that corre- 
sponds to the "screen Id" tag. If "screen Id" is not present, 
then a default help page will be presented. 

An example of a JavaScript code for implementing the 
help feature in the CSM SD follows. 
<HTML> 
<HEAD> 

<T1TLE>CSM SD Documentation<yTITLE> 
</HEAD> 

<SCRIPT LANGUAGE«"javaScript"> 

window.onerror=null; 

function cleanUp( ) { 

if (navigator.userAgent.indexOf("3.0")!=-l) 
parent.window.opener.help Windmill; 
else 

parent.window.opener.top.helpWin=null; 

} 

function gotoContextHelp( ) { 
var helpPath="/SD/SDWBUI/"; 
var helplndex-""; 

if (navigator.userAgent.indexOf("3.0")!=-l) 
helplndex- 

parent. window. opener. frames[l] 

.document.helpForm.screenID .value; 
else 

helplndex** 

parent. window, opener. top. frames[l] 

.document.helpForm.screenlD.value; 
var newURL~helpPath+"index.htmr'; 
if (helplndex=="640") 
{ 

newURL«helpPath+ <( TP/lwelcome,html#b9086"; 
} 
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if (helplndex««"300") 
{ 

newURL=helpPam+"TP/2netport.htrnl#b9022"; 
} 

if (helplndex=="310") 
< 

newURL=helpPath+"TP/3frport.html#b4450"; 
} 

if (helplndex«="400") 
< 

newURL=helpPam+"TP/5pvcall.html#b9244''; 
} 

if (helpIndex=«"41Cr) 
{ 

newURL=helpPath+ u TP/7frpvcs.html#b9103"; 
} 

if (helplndex=="500") 
{ 

newURL=helpPath+"TP/12traf.html#b4531"; 
} 

if (helplndex=»"510") 
{ 

newURL-helpPath+"TP/12traf.html#b4536"; 
} 

if (helplndex=="520") 
{ 

newURL=helpPath+"TP/12traf.html#b4540"; 
} 

if (helplndex=="530") 
{ 

newURL=helpPath+"TP/12traf.html#b4546"; 
} 

if (helpIndex=="54(T) 
{ 

newURL=helpPath+"TP/12traf.html#b4546"; 
} 

if (helplndex=="550") 
{ 

newURL=helpPath+"TP/12traf.htral#b474"; 
} 

if (helplndex=="61(r) 
{ 

newURL«helpPath+"TP/16prefs.html#b4558"; 
} 

if (helplndex=="620") 
{ 

newURL«helpPath+"TP/15comm.html#b4554"; 
} 

if (helplndex«="630") 
{ 

newURL=helpPathV < TP/15comm.html#b4557 M ; 
} 

if (helplndex=="710") 
{ 

newURL=helpPath+"TP/16prefs.htmWb4564"; 
} 

if (helplndex— "720") 
{ 

newURL=helpPathV'TP/16prefs.html#b4569"; 
} 

if (helplndex=«"320") 
{ 

newURL=helpPath+"TP/4atmport,html#b9030"; 
} 
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if (helplndex=="440") 
{ 

newURL«helpPath+ < 'TP/9mclist.html#b838r'; 
} 

s if (helplndexo»"420") 
{ 

newURLt 3 helpPath+ << TP/8vccvpc.btml#b7364"; 
} 

if (help]ndex—"430") 
10 { 

newURL-helpPath+"TP/llmcvc.html#b9090"; 
} 

if (helplndex— "450") 
{ 

15 newURL-helpPath+"TP/10mcdet.html#b9087"; 
} 

if (helplndex— "810") 
{ 

newURL=hclpPath+"TP/13atmtr.html#b9099"; 
20 } 

if (helplndex=»"821") 
{ 

newURL=h6lpPath+ <( TP/13atmtr.htmL#b9100 ,, i 
} 

25 if (helplndex=="822") 
{ 

newURL=helpPath+"TP/13atmtr.html#b9102"; 
} 

if (helplndex=«"830") 

30 { 

newURL=helpPath+"TP/13atmtr.html#b9101"; 
} 

if (helplndex=="831") 
{ 

35 newURL-helpPath+"TP/13atmtr.html#b9101"; 
} 

if (helpIndex--"900") 
{ 

newURL-.helpPath+"TP/14trans.html#b872T'; 
40 } 

this.frames[l]. Location. href-newURL; 
} 

</SCRIPT> 

<FRAMESET ROWS="75, 4 " onUnload="cleanUp( )" 
45 onLoad="gotoContextHelp( )"> 

<FRAME SRC="iop.htmr NAME="dash" SCROLLING= 
NO 

MARGINHElGHT="0"> 

<FRAME SRCo"TOC/index.html" NAME="content" 
50 MARGINHEIGHT«"0"SCROLLING«YES> 
</FRAMESET> 
< 

FIG. 8 illustrates the online context sensitive help frames 
and FIG. 9 is a flow chart for online context sensitive help 
55 process. 

Again, this aspect of the present invention is not limited 
to the CSM SD application. 

A further aspect of the present invention is concerned with 
configurable third party Internet application integration. The 

60 CSM SD application supports dynamic run time integration 
of external Internet applications. The applications can be 
configured during run time to run a given URL passing the 
URL a predefined set of URL parameters. This feature is 
accessed by a user from the dashboard frame of the SD 

65 application. In the present embodiment up to five applica- 
tions can be supported but it is to be understood that this a 
system limitation and not a limitation of the basic concept. 
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In the past, HTML pages with third party Internet appli- <INPUT TYPE»"hidden" NAME«"communityString'' 

cations were programmatically generated with predefined VALUE-"(some valuey> 

URLs and links, in the form of graphical interface format </FORM> 

(GIF) images. These URLs and GIF file names are coded <a HREF=javaScript:submitCGIForm("http://(some 

into the software that generates these HTML pages. Once 5 URL)", "(target name)") onMouseOver="top.status=' 

encoded into the software, these URLs and GIF file names message)' ;return true"><IMG SROhttp://(some 

are not changeable by the application end user. To solve the gj e ijrl) 

problem, a new mechanism is created. This new mechanism BORDER=0 ALT="(some message)"x/A> 

allows dynamic run time configuration of external Internet j^e generated dashboard HTML page is sent to the user's 

applications into the SD application. 10 browser. 

The SD application allows the configuration of Status, the ^ clicks on an externa j application button, 

Application Name, Button Image Path, URL, and Target me corresponding CGI process is called using the URL 

Location via a Third Part Application Configuration Screen. information as configured on the Third Party Configuration 

(FIG. 10). Screen. The predefined URL parameters are sent along in the 

Status allows the third party application to be enabled or 15 URL request via a JavaScript submit command. The result- 
disabled. Application Name is the name of the third party ing URL request is displayed either in a new frame window 
application. Button Image Path is the URL of the GIF file or in tbe conte xt frame as configured in the Third Party 
that represents the third party application. URL is the URL Application Configuration Screen, 
of the third party application. Target Location is the location four parameters of a user (user log on Id, user name, 
where the third party application will appear when invoked 20 custom er name, community string) will always be sent when 
by the user; the third party application can appear either in an cxt ernal application is called. These will also be the only 
a new browser window or in the Content Frame. FIG. 11 parameters sent regardless of the page context. An external 
depicts the third party application buttons on an end-users application can ignore its input and not make use of these 
browser window. parameters if it so chooses. All parameters from the appli- 

Configuration of third party applications is a two step 25 calion are passed t0 the exlerna i application through a 

process. Firstly, the administrator configures the third party "form" which is a standard feature in HTML 3.0 and later, 

application via the Third Party Application Configuration "POST" method is used but this should not affect an external 

Screen shown in FIG. 10. Then, the administrator configures application's implementation. 

each user to allow or disallow access to these configured nt browser packages the parameters in a form to a 

third party applications, 30 special format called URL encoding before sending them 

Upon log on, each user will see assigned third party out URL encoding tacks all the keys and values together, 

applications appearing in the dashboard frame of tbe SD replacing space and special characters where necessary, 

application. The user can access these third party applica- Parameters that have been URL-encoded can end up looking 

tions by clicking on these links and the corresponding likc me following example: 

Internet application will appear either in a new frame 35 US erId = admin&userName = CSM 

window or in the context frame. %20Admh&customerName=. 

The application contains a list of third party application Because the parameters are passed to the external appli- 

specific information, namely: Enabled Flag, Application catkm in this URL-encoded form, an external application 

Name, Button Image Path, URL, and Target Location. A win have to decode the input before it can use the param- 

presentation process is used to present the list of third party d0 eters Decoding this information is a common task, and there 

application information for viewing and editing by the are lots 0 f tools f or ^ omg ^ tnat 

application administrator. The application also keeps a list of FIG. 12 is a flow chart illustrating configurable third party 

user attributes: user Log on Id, user name, customer name, internet application integration. 

community string (VSN), and a list of assigned third party A father aspect of the present invention relates to a 

applications. The SD application upon receiving the request 45 function known as context switching to customer accounts, 

to generate the dashboard frame for a user, determines if any j n this aspect the SD application allows privileged users to 

of the third party applications has been enabled for this user. adopt identities of different customer accounts to trouble 

For each enabled third party application, a presentation shoot pro blems with a particular customer, from that cus- 

process generates the corresponding HTML tag using the tomer's point of view. The user selects a customer from a 

stored third party application information. The presentation 50 seJe ction list that displays all of the application's customers, 

process also generates a HTML hidden form tag containing Upon selection of a customer, the user immediately adopts 

the identifiers: userld, userName, customerName, commu- tne identity of the selected customer. Three categories of end 

nityString and their corresponding values. The generated users m SU p porle d by this application. These are: external 

HTML tags are inserted into the dashboard HTMLpage. The user or customer end user; internal user or service provider 

Dashboard Frame page contains the following code snip: 5S e nd-user who takes on role of a particular customer; and 

function submitCGIForm (aURL.aTarget) { system administrator or a service provider end-user who has 

document.CGI Form. action=aURL; authority to configure the system. 

document.CGIForm.target-aTarget; In the past, for a user to adopt the identity of another 

document. CGIForm.submit( ); customer in a system that required user authentication the 

} 60 following steps would be required: the user would have to 

<FORM NAME«"CGIForm"> log out from the user's current account and re -log in, into the 

<INPUT TYPE="hidden" NAME="userId" VALUE-" application, using a log in Id configured for a particular 

(some value)"> customer. This mechanism makes the process of adopting 

<INPUT TYPE="hidden" NAME="userName" VALUE-" different customer identity quite cumbersome for the user. 

(some value)"> 65 This mechanism also adds additional overhead for the 

<INPUT TYPE=" hidden" NAM E=" customerName" application administrator to maintain a list of privileged 

VALUE-" (some value)" > users for all customer accounts. To solve the problem, a new 
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process of adopting different customer identity is created. 
This new identity adoption process allows a user to select a 
customer from a customer list and immediately adopt the 
new-identity without compromising the user authentication 
process of the SD application. 

According to the invention the application maintains a list 
of users. For each user the application stores a user Id, a user 
password, a user type, and customer name. The value of 
User Type in the SD application is one of "internal", 
"external" or "System Admin". The application also stores a 
list of customers. "Internal" user type allows a user to have 
privileged access to information of all customers. "External" 
user type restricts a user to access only its assigned customer 
data. "System Admin" gives a user authority to configure the 
system. 

The SD application upon receiving a request to display a 
"Welcome" page, initiates a presentation process to check if 
the current user's user type is of type "internal". If the user 
type is "internal" then it returns a HTML page that displays 
a "Switch Customer Account" presenting the list of custom- 
ers for the user that are of user type as "internal" else it 
returns a HTML page without this "Switch Customer 
Account" capability. 

When the user selects a customer name from the list of 
customer names, a CGI process is called passing the selected 
customer name as a parameter. The CGI process then 
updates the user's customer name attribute to the selected 
customer name. The user has assumed the identity of the 
selected customer. All subsequent requests from the user's 
browser are now associated with the customer name of this 
user's customer name stored by the SD application. 

FIG. 13 shows an internal user's welcome frame. A pull 
down menu contains a list of all the customers that may be 
accessed by the internal user. 

FIG. 14 represents the welcome frame for an external 
user. In this frame the pull down customer list menu is 
missing. Subsequent frames for both type of user are the 
same. 

FIG. 15 is a flow chart of the process for context switching 
to a customer account. 

Another aspect of the present invention relates to the 
previously discussed use of shared memory. 

Unlike the Newbridge 46020 management system, the 
CSM Service Director provides network management in the 
context of network services. Hence there is a need to store 
extra information other then that which is extracted from the 
46020, such as user and customer profile. With a predefined 
nominal capacity of housing 500 customers and 1000 users, 
the cost of maintaining another separate database in addition 
to the one of CSM Agents is difficult to justify. The natural 
solution to this type of situation will usually be to store this 
additional information on disk file. 

However, the Web/CGI mechanism has already imposed 
a significant load on the Service Director's performance; 
adding the file I/O bottle-neck is undesirable, especially in 
a concurrent system. 

To optimize the performance, instead of storing the infor- 
mation onto the disk directly, Service Director writes the 
information into shared memory, and then updates the 
information to the disk periodically using a background 
control process. 

At the start up of the Service Director server, shared 
memory space is allocated and initialized by a daemon 
process. A handle to the shared memory is created and saved 
to a file. Server processes of user requests will look for that 
handle in order to access the shared memory. The structure 
and space requirement of the shared memory is also pre- 
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defined. When a user's action requires access to the shared 
memory, the corresponding server process will use the 
structure definition as a map to access the shared memory 
space. 

5 A separate background process is responsible for backing 
up the content of the shared memory. The process periodi- 
cally updates the content to a backup file at a user-defined 
lime interval. The backup file is used in system recovery and 
restart. The backup file is also updated right before system 

1Q shutdown. 

On the other hand, the daemon process creates a time- 
stamped backup of the shared memory at system startup 
time. It is done by making a copy of the latest backup file 
and renaming it with a timestamp. The reason is to archive 
and preserve the configuration of the system before every 
15 startup of the Service Director. 

The shared memory is simply RAM that is used because 
access to a non-volatile storage device such as a hard drive 
is relatively slow. The fundamental idea is to read, in 
snapshot format from archive, into the shared memory and 
20 to write back again periodically. 

A flow chart showing the backup procedure is given in 
FIG. 16. 

The CSM system provides customers of a service pro- 
vider with a web-based access to manage the communica- 

25 tions related services they receive from the service provider. 
It is advantageous for the service provider who may then 
re-sell the management capability to their customers or may 
use it internally as a tool for their Customer Service Rep- 
resentatives (CSRs). 

30 The management capabilities of the system include the 
ability to perform performance and configuration manage- 
ment on services provided by the service provider, in 
particular, on the access ports and virtual circuits of the 
communications network assigned to a particular subscriber 

35 or customer. For example, the CSM system may be used by 
service end-users as a means to access information relating 
to their FR and ATM PVC and UNI services. 

While particular aspects and embodiments of the inven- 
tion have been described and illustrated it will be apparent 

40 to one skilled in the art that numerous alternatives and 
variations can be implemented. It is to be understood, 
however, that such alternatives and variations will fall 
within the scope of the invention as defined by the appended 
claims. 

45 Glossary 

The following definitions clarify terms used in the fore- 
going description and are presented here for the convenience 
of the reader. 

ATM Asynchronous Transfer Mode. A switching/ 
50 transmission technology which employs 53 byte cells as 
a basic unit of transfer. The ATM Cell is divided into 5 
bytes of ATM Layer overhead and 48 bytes of ATM 
payload. ATM is fundamentally statistical in nature, with 
many "virtual circuits" sharing bandwidth. 
55 ASCII American Standard Code for Information Inter- 
change. 

CGI Common Gateway Interface. A standard for interfacing 
external applications with information servers, such as 
HTTP or Web servers. A CGI program is executed in 

60 real-time, so that it can output dynamic information. 
CSM Agent Customer Service Management Agent. CSM 
Agent accesses information from 46020 databases and 
provides users with statistics, configuration and fault 
information for the frame relay objects in their VSNS. 

65 Users access the information from the CSM Agent 
through a Customer NMS running a third party SNMP 
management application, such as HP OpenView. 
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CSR Customer Service Representative. A person working server to configure information respecting said external third 

for a service provider to assist its customers. party application in order to provide access thereto by 

Customer An organization that purchases network services selected users; means at said web browser for inputting user 

in the form of a partition from a service provider. specific login information; means at said server for receiving 

FR Frame Relay. A data transmission technique that com- s said user login information and determining if said user is 

bines the high speed and low delay of circuit switching one of said selected users; means in said web server for 

with the port sharing and dynamic bandwidth allocation generating and returning to said browser an indicator for 

capabilities of X.25 packet switching. Like X.25, frame display on a dashboard on said web browser if said user is 

relay divides transmission bandwidth into numerous vir- one of said selected users; and means to retrieve said 

tual circuits and allows for bursts of data. But unlike X.25, 10 external third party application for use on said browser if 

frame relay does not require a lot of processing at each access thereto is permitted. 

node, delegating error correction and flow control to the 2. A system as defined in claim 1 wherein said configu- 

attached user devices. ration information includes user status, third party applica- 

FRL Frame Relay Link. A series of connections between two tion name, image path, URL of said third party application, 

frame relay sources or switching circuits. Source circuits is and location of said third party application on said web 

are the ingress points for frame relay (e.g., Tl DS-Os, Data browser. 

ports). Switching circuits are Frame Stream Circuits on 3. A system as defined in claim 1 wherein said login 

Frame Relay Switch and/or Frame Relay Engine Cards. information includes user identification, user name, cus- 

FRP Frame Relay Path. An end-to-end logical frame relay tomer name and community string or virtual private network 

connection. Equivalent to a Permanent Virtual Circuit. 20 (VPN). 

FRPs exclusively use FRLs. 4. A system as defined in claim 3 wherein external third 

MIB Management Information Base. A collection of objects party applications which can be accessed by said web 

that can be accessed via a network management protocol. browser are displayed on said dashboard in response to a 

01 D Object Identifier. A unique identifier for a particular user login, 

object type in a MIB. The value associated with the OID 25 5. A system for providing a user of an Internet-based 

is hierarchical and so its naming convention also serves to communication system selective access to information relat- 

identify the structure of object types. ing to other users comprising: a server having means to store 

PVC Permanent Virtual Circuit. An end-to-end logical con- a list of users including user access type, identification, 

nection. password and name; a user client having means for a user to 

RFS Release Functional Specification. A Contract between 30 input identification and password information; and means at 

Engineering and the Business Units concerning the func- said server to compare said user input information with 

tionality for a particular release of a product. The line stored information and based on user verification and user 

items of the RFS are later expanded by detailed functional access type provide said user with a list of other users for 

specifications. which said user has access. 

SD Software Design. Newbridge R&D document detailing 35 6. A system as defined in claim 5 wherein said access type 

the high level design of a software subsystem. is one of internal, external or system administration. 

Service Provider The owner of a partitioned network. 7. A system as defined in claim 6 wherein a system 

Service User An owner of a user account within a customer administration access type allows a service provider end- 

or service provider organization. user to configure said system respecting all users. 

SNMP Simple Network Management Protocol. A standard 40 8. A system as defined in claim 6 wherein an internal 

for the management of entities in a TCP/IP local area access type allows said user to have access to information 

network. respecting all users. 

UNI User Network Interface. The interface used to connect 9. A system as defined in claim 6 wherein an external 

user equipment to network equipment. access type allows said user access to information respecting 

User Account A Web access account of CSM Service 45 selected users. 

Director. A user account is associated with an individual 10. Asystem as defined in claim 5 wherein said system is 

within a customer or service provider organization. A customer service management system (CSM), said server is 

customer may have multiple user accounts. a CSM service director (SD) and said user operates an 

VSN Virtual Service Network. A form of a partition which Internet based browser. 

may contain path end equipment only. Bandwidth is so 11. A system as defined in claim 10 wherein said other 

drawn from the 'parent' partition which must be a VBN users are customers of said users. 

or the 'Supply Network'. The service user sees a physical 12. A system as defined in claim 10 wherein said service 
view of path end network equipment and a logical view of director stores a list of users and a list of said user's 
connected paths. customers, said customer's account information being avail - 
What is claimed is: 55 able to said users depending on user access type as stored in 
1. A system for providing a selected user of an Internet- said server, 
based web browser access to an external third party appli- 
cation through a web server comprising: means in said web * * * + * 
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